|
By Threat Research Team
In part one of our “Follow the Crypto” series, we highlighted the growing need for cryptocurrency investigations in the fight against fraud. We discussed the hurdles that investigations face, from the anonymous nature of transactions to the complexity of analyzing blockchain data, but also noted some famous successful investigations.
|
By Alex McConnell
Business leaders often see security as an insurance policy – a box that CISOs need to tick just in case the organization comes under attack. This make it difficult for InfoSec decision makers to justify the cost of upgrading defenses. After all, we already ticked that box – right? But when it comes to automated attacks, it’s not a matter of “if” bots will target your business. It’s not even a question of “when”.
|
By Threat Research Team
Nowadays, cryptocurrency is a buzzword in society. It’s mostly seen as a high-risk investment or associated with fast profit-making schemes. Despite this, its adoption has surged in recent years, and according to crypto.com, the number of cryptocurrency holders has now hit 580 million. Unfortunately, not all of them hold it for legitimate reasons. We are at a juncture where criminals have the knowledge, services, and tools to channel their illicit profits through cryptocurrencies.
|
By Alex McConnell
Netacea is proud to announce that one year on from originally completing SOC 2 Type 2 compliance, we have successfully passed our latest audit. This is an accolade we take pride in as it further demonstrates our ongoing commitment to data security and protecting our customers.
|
By Alex McConnell
Earlier this year we stated that bot attacks can be run by anyone, from skilled individuals to organised gangs. Bots can hit websites for a number of reasons. Common attacks include credential cracking to account takeover, to scalping. These bots have the power and capability to conduct multiple attacks repeatedly. Those actions have long seen standard for bots though, so what is new in the world of bot attacks? What is making these attacks more sophisticated?
|
By Alex McConnell
The use of artificial intelligence (AI) for defense allows for the better scanning of networks for vulnerabilities, automation, and attack detection based on existing datasets. However this is all in defense against an unknown attacker, who can have varying offensive tools all designed to overcome the most sophisticated defense. Is the biggest challenge for defensive AI that there is an offensive AI operator with unknown capabilities? And has offensive AI lowered the barrier of entry for bot attackers?
|
By Alex McConnell
The definition of Artificial Intelligence (AI) has been thrown around whilst it has risen to the top of the tech agenda over the past couple of years. Security professionals have determined AI to be a risk to businesses, and also an opportunity. But could it also be a way to better defend your network against attacks? For many years, AI and Machine Learning have gone hand in hand; with AI used to better determine defensive decisions and cut down on the human element in more basic functions.
|
By Netacea
New research from Netacea reveals 93% of security leaders expect to face daily AI-driven attacks by the end of this year. Ransomware and phishing attacks are expected to be enhanced by offensive AI, but bots remain an underestimated threat. All respondents are benefiting from AI in their security stack, but adoption of bot management is lagging behind.
|
By Threat Research Team
In our last blog post, we unpacked what SEO poisoning is and how it diverts organic search traffic. We examined some prevalent rank theft techniques used in SEO poisoning attacks. In this follow-up, we will dive into how automation can be used to further SEO poisoning and ranking theft attacks. With bots, adversaries can execute coordinated ranking theft at a speed and scale not possible manually.
|
By Alex McConnell
Anti-bot solutions have been around for a long time. Firewalls and WAFs are used by all kinds of businesses to protect their online assets from malicious bots. But as bots become more sophisticated and bot traffic volumes increase, many of these measures have become outdated and ineffective. If your anti-bot system isn’t performing, it could open your site to serious data breaches and other threats like Credential stuffing attacks and online fraud.
|
By Netacea
Netacea CISO Andrew Ash welcomes two special guests to the podcast this month to talk about AI adoption and managing third party risk: Thomas Ballin (CTO, Cytix) and Haydn Brooks (CEO, Risk Ledger).
|
By Netacea
To start this month’s episode, we once again weigh in on AI – this time considering the privacy implications when feeding prompts into generative AI tools like ChatGPT and Bard. We’ll discuss whether it’s safe to share company IP or your own personal information into such tools, before hearing how we approach this at Netacea from Principal Software Engineer John Beech.
|
By Netacea
This month’s episode takes off with a journey into the controversial world of skiplagging, also known as hidden city flying. Airlines and holiday businesses are taking legal action against passengers and websites like Skiplagged that exploit pricing loopholes, leaving empty seats on the second leg of multi-stop itineraries. But with scraper bots at the root of the issue, is there a technical solution to limit the practice?
|
By Netacea
This month we begin by examining the 2023 National Risk Register, a public version of the National Security Risk Assessment, which assesses the most serious risks to lives, health, society, critical infrastructure, economy and sovereignty. Cyber-attacks on infrastructure are listed as moderate impact – Our panel discusses how businesses can use the information within the report to prepare for attacks and keep our critical infrastructure as secure as possible.
|
By Netacea
In this month’s episode, we start by focusing on the real-world impact of bots (scripts used to automate tasks and exploit business logic). In the UK, bots are being used to book up every available driving test before reselling them for profit; meanwhile in the US, gig workers delivering groceries are losing out to bots that hoard the most profitable delivery jobs. Our panel explains how this happens and discusses what can be done to stop it.
|
By Netacea
A fresh Netacea panel of cyber experts are on hand once again to discuss the latest developments in security and bot-related news! This month, in light of OpenAI CEO Sam Altman standing before US senators and requesting regulation of AI businesses, we give our views on whether one body – or even one nation – can or should regulate this rapidly developing industry.
|
By Netacea
In part two of our RSA Conference 2023 series, Netacea CPO Andy Still and CISO Andy Ash return from San Francisco to share their insights from the biggest cybersecurity event of the year.
|
By Netacea
Welcome to a new format for the Cybersecurity Sessions! We’ve refocused our podcasts to provide insights into the latest news and trends in cybersecurity, calling on the expertise of Netacea’s threat researchers, bot specialists and business leaders. This month, new host Dani Middleton-Wren is joined by Matthew Gracey-McMinn, Chris Pace and Tom Platt. First they discuss the ever-intriguing topic of ethics in AI, with facial recognition tech from Clearview AI and PimEyes coming under legal and moral scrutiny, followed by the practicalities of fighting back against automated ticket scalping.
|
By Netacea
Our reliance on personal mobile devices leaves us vulnerable to attack; not just from anonymous criminal groups, but in some cases, from those closest to us. Stalkerware, a category of apps designed to secretly monitor the unsuspecting victim whose device they’re installed on, are a growing concern for security and privacy advocates, as well as law enforcement agencies.
|
By Netacea
Not a week goes by without a massive data leak being reported in the news – both in tech publications and across mainstream media. According to Atlas VPN, 5.9 billion credentials were leaked in 2021 alone. But it’s not just credentials under attack; personal data, payment information, sensitive corporate data, and even source code are all at risk of being leaked. But how is so much data leaked so often? What do criminals do with this data once they have it? How much risk does this pose to the public, and what can be done about it?
|
By Netacea
In 2019 we saw more credential stuffing, sniper and scraper bot attacks targeting websites, mobile apps and APIs alike. The shift in attack vectors and scale of attacks highlights an urgent need for a sophisticated solution that protects businesses and customers from the growing malicious bot threat. Understanding the intent of bad bots vs. humans or good bots is vital as all industries face new challenges in acquiring the necessary visibility of their traffic, and subsequent analysis required for rapid and effective attack response that doesn't sacrifice the user experience.
|
By Netacea
Are you seeing the full picture when it comes to web and application security? Without fast and accurate data at your fingertips from the best bot management, it's increasingly difficult to differentiate human from automated bot traffic on your web-facing applications. Credential stuffing, account fraud and scraping attacks are a multi-billion-dollar business¹, with the scope for earning made increasingly simple by the vast number of internet users, availability of login credentials and the sheer volume of connected devices.
|
By Netacea
The second Payment Services Directive (PSD2) is a data-driven legislation introduced by the European Union (EU) in 2015, with which all payment service providers (PSPs) throughout the EU and beyond must comply. PSD2 expands the scope of 2007's PSD, a directive implemented to make payments across borders as easy, secure and inexpensive as domestic payments. However, a short eight years later, innovations in technology and the prevalence of fintech have created new challenges for the payments industry to address.
|
By Netacea
Web traffic is made up of human and non-human visitors, but not all these sources are safe. Sophisticated bot traffic is on the rise and it is becoming increasingly difficult to differentiate the criminal from real customers. Download your free copy of 'The Managing and Mitigating Bots' Guide and learn about.
|
By Netacea
In 2017 Black Friday was the single largest cause of web traffic peaks and website outages in the retail industry. Even a 1-second delay in load time can result in a 7% loss in conversions.
- July 2024 (3)
- June 2024 (2)
- May 2024 (2)
- April 2024 (1)
- March 2024 (3)
- February 2024 (3)
- December 2023 (1)
- November 2023 (4)
- October 2023 (3)
- September 2023 (6)
- August 2023 (5)
- July 2023 (4)
- June 2023 (2)
- May 2023 (2)
- April 2023 (1)
- February 2023 (3)
- January 2023 (1)
- December 2022 (2)
- November 2022 (10)
- October 2022 (6)
- September 2022 (11)
- August 2022 (7)
- July 2022 (4)
- June 2022 (7)
- May 2022 (1)
- April 2022 (5)
- March 2022 (3)
- February 2022 (11)
- January 2022 (9)
- December 2021 (9)
- November 2021 (5)
- October 2021 (5)
- September 2021 (23)
- August 2021 (7)
- July 2021 (4)
- June 2021 (6)
- May 2021 (9)
- April 2021 (10)
- March 2021 (4)
- February 2021 (3)
- January 2021 (1)
- December 2020 (2)
- November 2020 (6)
- October 2020 (18)
- September 2020 (3)
- August 2020 (2)
- July 2020 (1)
- June 2020 (3)
- May 2020 (1)
- April 2020 (1)
- April 2019 (1)
- October 2018 (2)
- August 2018 (2)
Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.
Our Intent Analytics™ engine, powered by machine learning, quickly and accurately distinguishes bots from humans to protect websites, mobile apps and APIs from automated threats while prioritising genuine users. Actionable intelligence with data-rich visualisations empowers you to make informed decisions about your traffic.
We Prevent Sophisticated Automated Threats:
- Account Takeover: Stop account takeover by identifying account-based attacks.
- Credential Stuffing: Prevent data breaches and protect your website from credential stuffing attacks.
- Fake Account Creation: Prevent fake account fraud by identifying bot accounts, fake account creation and mass account registration.
- Web Scraping: Identify and block web scrapers and scraping attacks made to compromise your website.
- Ad/Click Fraud: Identify ad fraud to reduce wasted spend and prevent ad bots from illegitimately displaying or accessing ads.
- Skewed Marketing Analytics: Prevent bots from stealing your marketing budget and skewing your analytics.
A Smarter Approach to Bot Management.